1. Field of the Invention
The present invention relates to a network system, a data transmission and reception method, a transmission unit, a reception unit, and a computer-readable medium for storing a program for secure data transmission. More particularly, the present invention relates to a method and system for enabling a transmission unit to transmit data to a reception unit after applying appropriate security processes to the data. It also relates to a transmission unit and a reception unit to transport security-protected data, as well as to a computer-readable medium for storing a program that causes computers to send and receive security-protected data.
2. Description of the Related Art
Modern network communications systems often employ facilities for security measures, such as cryptography, to protect transmission data from the potential risk of piracy, alteration, and other illegal access to the data. Suppose, for example, that a person in a company is attempting to send some data to another company. The person accomplishes this task typically by performing the following steps:
(1) collecting the intended source data from various storage places on his/her company's local area network (LAN),
(2) checking the confidentiality level of each data item, based on the company's security policy,
(3) determining which security processes to apply to each data item, according to an overall consideration of what type of network (e.g., leased lines, value-added networks, or open networks) will be used to transport data, and what system environment the recipient company has, in addition to the data confidentiality levels identified above,
(4) applying the determined security processes to individual data items in a step by step manner,
(5) notifying the recipient, in advance, of what kinds of security processes have been applied to the data that they will receive, and
(6) transmitting the security-protected data to the recipient.
The above conventional procedure, however, has the following problems. At step (1), the user has to locate and retrieve each desired data item manually. Besides being unfavorable in terms of work efficiency, this step of data collection raises a problem with the validity of data. More specifically, the process of step (1) "physically" copies each data item from one medium to another, thus producing a situation where two data instances having the same content coexist in a single system. When the original data is changed, its replica may not always be updated in a timely manner, resulting in two inconsistent versions.
Step (2) also burdens the end user with the inefficient work of surveying the confidentiality level of each individual data item, using manuals or other documents that describe his/her company's security policies. Additionally, the confidentiality levels determined in this way are likely to reflect, more or less, the user's personal view. This introduces some inconsistency into the resulting security levels when the same data is processed by different people. Another problem is that alterations to the company's security policies may not take effect immediately; it generally takes some time for the employees to get used to the new rules. This may lead to a worst-case scenario where important company-confidential information could leak out.
With respect to step (3), it is difficult for the end users to set up the details of security processes for individual data items to be transmitted, since this step requires complicated tasks. To alleviate their burden, security processes are often selected in accordance with the highest confidentiality level, although not every data item requires it. This method, however, is inefficient since it often applies unnecessary protection to transmission data. Another problem with this method is that it relies on the skill levels of individual end users, particularly when the company's security policy manual cannot provide a practical solution. This dependency on individuals introduces some ambiguity into the company's security processing. Still another disadvantage of the conventional system is that it takes much time to migrate from the existing system to a new system. This causes a problem when attempting to revise a security agreement with a partner company.
Step (4) requires the end users to purchase the necessary software applications for security processing, set them up, and operate them. This imposes heavy workloads on the users. Also, software upgrades will often cause a problem in the consistency of software versions among a plurality of end user terminals, where security processing applications are typically installed. Inconsistency between the sender and the receiver sometimes blocks data unprotection processes. Installation of new software applications would cause the same problems.
Furthermore, it is not always true that end users can keep a correct sequence of security processes. Unless the correct order is kept, some security processes cannot deliver their full performance. For example, data compression programs will not yield good compression ratios when the source data is encrypted, or scrambled. Running an anti-virus application to check an encrypted data file makes no sense. Carelessness of some end users may even cause a data transmission without applying any security measures, exposing the company's confidential data to a serious risk of information leakage.
Lastly, step (5) requires the recipient to know the exact procedure of data protection. Without this information, the recipient cannot unprotect the received data. Another problem at the recipient's side is that the burden of security processing can sometimes be intolerable, because different security policies should be used to communicate with different companies or different partners.
Taking the above into consideration, an object of the present invention is to provide a method and system for safely delivering data to destination sites on a network, without depending on the skill levels of individual end users.
Another object of the present invention is to provide a transmission unit which alleviates workloads imposed on the end users when protecting the transmission data with security processes.
Still another object of the present invention is to provide a reception unit which automatically unprotects the received data in a reliable manner.
To accomplish the above objects, according to the present invention, there is provided a network system in which a sender transmits data to a recipient over a network, after applying appropriate security processes to the data. This system comprises a transmission unit and a reception unit, which are coupled to each other via the network. The transmission unit comprises: (a1) a security processor which applies security processes to data to be transmitted to the recipient, where the security processes are selected as being relevant to a data confidentiality level that is determined from data attribute information and communication environment, (a2) an identification data attaching unit which attaches identification data to the data to allow the recipient to identify the security processes that the security processor has applied, and (a3) a transmitter which transmits the data over the network to the recipient, together with the identification data being attached thereto. The reception unit, on the other hand, comprises: (b1) a receiver which receives the data that is sent over the network by the transmission unit, (b2) an identification data extracting unit which extracts the identification data that is attached to the received data, and (b3) an unprotection unit which unprotects the data by using the identification data extracted by the identification data extracting unit.
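The arrangement of units (a1) to (a3) and (b1) to (b3) can be sketched as follows; this is an added example, not code from the original document. The policy table, the step names, the two-byte length prefix with a JSON header, and the shared key are all assumptions made for illustration, and compression plus an HMAC integrity tag stand in for the security processes (encryption is omitted because the Python standard library provides no cipher).

```python
import hashlib, hmac, json, zlib

KEY = b"constructed-demo-key"  # constructed shared secret, for illustration only

def select_steps(confidentiality, network):
    """Hypothetical policy: data attribute + communication environment -> ordered steps."""
    steps = ["zlib"] if confidentiality != "public" else []
    if confidentiality == "confidential" or network == "open":
        steps.append("hmac-sha256")  # integrity tag is added after compression
    return steps

def _apply(step, data, key):
    if step == "zlib":
        return zlib.compress(data)
    if step == "hmac-sha256":
        return hmac.new(key, data, hashlib.sha256).digest() + data
    raise ValueError(f"unknown step {step!r}")

def _undo(step, data, key):
    if step == "zlib":
        return zlib.decompress(data)
    if step == "hmac-sha256":
        tag, body = data[:32], data[32:]
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        return body
    raise ValueError(f"unknown step {step!r}")

def protect(data, confidentiality, network, key=KEY):
    """Transmission unit: apply the steps in order, then attach identification data."""
    steps = select_steps(confidentiality, network)
    for step in steps:
        data = _apply(step, data, key)
    header = json.dumps({"steps": steps}).encode()
    return len(header).to_bytes(2, "big") + header + data

def unprotect(message, required=(), key=KEY):
    """Reception unit: extract the identification data, undo the steps in reverse."""
    n = int.from_bytes(message[:2], "big")
    steps = json.loads(message[2:2 + n])["steps"]
    # The header itself is unauthenticated, so the receiver enforces its own minimum.
    missing = [s for s in required if s not in steps]
    if missing:
        raise ValueError(f"required steps missing: {missing}")
    data = message[2 + n:]
    for step in reversed(steps):
        data = _undo(step, data, key)
    return data
```

The `required` argument reflects a design caveat of attaching identification data in the clear: a receiver that trusts the header alone would accept a message whose header claims no protection was applied.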
The above and other objects, features and advantages of the present invention will become apparent from the following description when taken in conjunction with the accompanying drawings which illustrate preferred embodiments of the present invention by way of example.